[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Atom protocol and digital signatures

To: Bob Wyman <bob@xxxxxxxx>
Subject: Re: Atom protocol and digital signatures
From: James M Snell <jasnell@xxxxxxxxx>
Date: Tue, 19 Jun 2007 17:02:47 -0700
Cc: Paul Hoffman <phoffman@xxxxxxx>, Bjoern Hoehrmann <derhoermi@xxxxxxx>, Sam Hartman <hartmans-ietf@xxxxxxx>, atom-syntax@xxxxxxx, atom-protocol@xxxxxxx, atompub-ads@xxxxxxxxxxxxxx
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=QCxbldB99TCfBwETOCZvVCjetCMJwpz54YjRm4FAYlMc7sFVVwllveRYi2tsAAUDM38Xc8twid5lRVcwEaQIpjBc1hmvA0RzCHgTMH/lGEU36E/ORTkvKDOxrmU6Tz0E/e7LooJeV4BAh6f/S2r8uN7AdwZK4M0ViiOdjAKUQhI=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=XdxgGtyGXsr6rjBhExsxQ/ymEonmERDS+IjPG3ifMwsJOBFXydrqmOcQLVaqBPM5Wq4SIicOcX+2P0iJPlUqu3Mo+GSH0vOgdcRhkOEpUrQGlgPIAeA5+T0yKvd5jhE1HT5MwRKZPVpUmOkBC3zV+D5lvvSAcsLGDwxOP3vUEZg=
In-reply-to: <45be5cd40706191643h51c3a771r67c31d4761ccb634@xxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/atom-protocol/mail-archive/>
List-id: <atom-protocol.imc.org>
List-unsubscribe: <mailto:atom-protocol-request@imc.org?body=unsubscribe>
References: <tslr6oa9yls.fsf@xxxxxxx> <p06240818c29ddcf53388@xxxxxxxxxxxx> <467831BE.7090604@xxxxxxxxx> <p0624081bc29dea9b6661@xxxxxxxxxxxx> <ajhg73h2vp41jbvcfbcoela2qb2knsha5e@xxxxxxxxxxxxxxxxxxxxxxxx> <p06240820c29e075ddfa1@xxxxxxxxxxxx> <45be5cd40706191643h51c3a771r67c31d4761ccb634@xxxxxxxxxxxxxx>
Sender: owner-atom-protocol@xxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.0 (X11/20070326)

The main point of this discussion is that what happens is completely up
to the server implementation.  It is entirely possible for a particular
server to do exactly what you are suggesting.  However, it is impossible
for a client to make any assumptions about how a server will treat
signed entries without prior specific knowledge of that server.

- James

Bob Wyman wrote:
> 
> I think it should be remembered that signed Atom entries *do* make a
> great deal of sense within the context of the Atom formatted documents
> -- whatever difficulties that they may cause in the protocol
> discussion.
> 
> One important use-case discussed during the definition of the Atom
> syntax was that of aggregate or synthetic feeds. (i.e. feeds that are
> composed of entries taken from more than one other feed).  The current
> syntax allows one to preserve a signed entry in an aggregate feed --
> as long as the signed entry had an atom:source element when it was
> originally signed.
> 
> If the protocol can't preserve the signature associated with an entry
> provided by a client, then it would seem that the protocol can't be
> used to construct an aggregated feed that preserves the integrity of
> properly signed atom entries extracted from other feeds. That is
> unfortunate and seems extremely non-optimal.
> 
> bob wyman
> 
>

References:
- Atom protocol and digital signatures
  - From: Sam Hartman
- Re: Atom protocol and digital signatures
  - From: James M Snell
- Re: Atom protocol and digital signatures
  - From: Bjoern Hoehrmann
- Re: Atom protocol and digital signatures
  - From: Bob Wyman

Prev by Date: Re: Entities in XHTML
Next by Date: Re: Atom protocol and digital signatures
Previous by thread: Re: Atom protocol and digital signatures
Next by thread: Re: Atom protocol and digital signatures
Index(es):
- Date
- Thread